In known networks, users require so-called credentials as an ID assertion, for instance login names or passwords, in order to authenticate themselves in respect of the server and in order to gain access to its services. A credential is evidence to confirm an ID assertion of the user. Credentials are therefore authentication features and/or proof of authority. In known networks, like for instance the internet, there is however no transparency in the case of a services access. A user who would like access to different websites, which do not belong to the same web domain, must repeatedly authenticate him/herself for each website even if a service level agreement SLA exists between the different service providers. The reason for this is that known browsers are not able to transport evidence information data and/or credentials to other websites which do not belong to the current website domain. It is tiring for the user to input an ID assertion, for instance his/her login name or password, each time he/she changes domain.
With a so-called single sign-on (SSO) and/or a single logon, following a single authentication, a user can access all computers and services for which he is authorized, without having to reregister each time.
With known portals, the identity of a registered user is passed on to the parties constituting the portal without this being noticed by the user. With a single sign-on, the user only identifies him/herself once with the aid of an authentication method, for instance by entering a password. An SSO mechanism then assumes the object of authenticating the user. With portals, the user can initially log on once with the portal and is authenticated or roughly authorized there. To this end, the user obtains the feature of clearly having applications that are integrated within the portal. This feature represents a credential. With portals based on web technologies, this takes place in the form of so-called cookies for instance. With a portal, the user in this way obtains access to several web applications, whereby he/she does not have to log on separately.
A single sign-on despite cookies is nevertheless not possible if the user navigates and/or surfs outside the web domain.